Friday, July 6, 2012

SSL
Encryption can be added to your Wamp Server package to make it more secure as well as to test the SSL environment before taking your application to production.

Note 1:
Example given in case the folder in which apache is installed is apache2.2.6 where 2.2.6 is the version of apache installed.
In case of another version being installed, say apache 2.2.22, this folder
would change to apache2.2.22

Note 2: the foldername appName used below should be changed to whatever is the foldername where your application is placed which should be served to users connecting via https://

1. Create SSL Certificate and
Key

Open
the DOS command window and change directory to bin directory of wamp apache
directory by using the DOS command

cd
c:\wamp\bin\apache\apache2.2.6\bin

Now
the DOS prompt should look like: C:\wamp\bin\apache\apache2.2.6\bin>

To
create a server key with 1024 bits encryption, enter this command:

openssl
genrsa -des3 -out server.key 1024

It’ll
ask you a pass phrase, enter a passphrase of your choice which you will
remember

Remove
the pass phrase from the RSA private key (while keeping a backup copy of the
original file). Enter these commands:

copy
server.key server.key.org

openssl
rsa -in server.key.org -out server.key

It’ll
ask you the pass phrase you entered earlier, enter it

Create
a self-signed Certificate (X509 structure) with the RSA key you just created.
Enter the command:

Change
the line which says <Directory
"C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin">
to <Directory
"C:/wamp/www/">

and
add the following lines inside those <Directory
… >…</Directory> tags:

Options Indexes
FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Make
sure the line CustomLog "C:/wamp/logs/ssl_request.log"
\is uncommented (remove the #).

In
the DOS Command window, enter httpd -t . If it displays Syntax is OK, then proceed, else you have made a syntactical error
and will need to troubleshoot

Go
to C:/wamp/logs and create the
following 3 files

i.sslerror.log

ii.ssl_request.log

iii.sslaccess.log

5. Starting the HTTPS Server and
Putting it Online

Restart
the Apache server

If
restart is successful, then open the browser and enter https://localhost

If
you want to allow put your HTTPS secure server online then in the
httpd_ssl.conf file, change the line which says "ServerName localhost:443" to "ServerName www.yourwebsitename.com:443" or"ServerName
X.Y.Z.A:443" without quotes where yourwebsitename is your registered
internet domain name and/orX.Y.Z.A is
your WAN IP Address

The
DocumentRoot you modified in Step 4 points to the correct website folder on
your server.

If
your server is connected to a router, setup the router to allow port 443
forwarding to your server.

If
your server has a firewall enabled or behind a network firewall, set up the
firewall to allow incoming port 443 connection